diff options
Diffstat (limited to 'man/taler.conf.5')
-rw-r--r-- | man/taler.conf.5 | 199 |
1 files changed, 185 insertions, 14 deletions
diff --git a/man/taler.conf.5 b/man/taler.conf.5 index 3ca1d3c4..6ae7dd4d 100644 --- a/man/taler.conf.5 +++ b/man/taler.conf.5 @@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] .\" new: \\n[rst2man-indent\\n[rst2man-indent-level]] .in \\n[rst2man-indent\\n[rst2man-indent-level]]u .. -.TH "TALER.CONF" "5" "Mar 07, 2024" "0.9" "GNU Taler" +.TH "TALER.CONF" "5" "May 15, 2024" "0.10" "GNU Taler" .SH NAME taler.conf \- Taler configuration file .SH DESCRIPTION @@ -79,8 +79,6 @@ from \fI\%GNU autoconf\fP\&. The values are usually dependent on an \fBINSTALL_PREFIX\fP which is determined by the \fB\-\-prefix\fP option given to configure. The canonical values are: .INDENT 0.0 -.INDENT 3.5 -.INDENT 0.0 .IP \(bu 2 LIBEXECDIR = $INSTALL_PREFIX/taler/libexec/ .IP \(bu 2 @@ -98,8 +96,6 @@ LIBDIR = $INSTALL_PREFIX/lib/taler/ .IP \(bu 2 DATADIR = $INSTALL_PREFIX/share/taler/ .UNINDENT -.UNINDENT -.UNINDENT .sp Note that on some platforms, the given paths may differ depending on how the system was compiled or installed, the above are just the @@ -346,21 +342,31 @@ Works the same as \fBTERMS_ETAG\fP, just for the privacy policy. .UNINDENT .SS EXCHANGE KYC PROVIDER OPTIONS .sp -The following options must be in the section \(dq[kyc\-provider\-XXX]\(dq sections. +The following options must be in the section \(dq[kyc\-provider\-$PROVIDER_NAME]\(dq sections. .INDENT 0.0 .TP -.B COST -Relative cost of the KYC provider, non\-negative number. -.TP .B LOGIC API type of the KYC provider. .TP -.B USER_TYPE -Type of user this provider is for, either INDIVIDUAL or BUSINESS. +.B CONVERTER +Name of a program to run on the output of the plugin +to convert the result into the desired set of attributes. +The converter must create a log for the system administrator +if the provided inputs do not match expectations. +Note that the converter will be expected to output the +set of attributes listed under the respective \fB[kyc\-check\-*]\fP +sections. Calling the converter with \fB\-\-list\-outputs\fP +should generate a (newline\-separated) list of attributes +the converter promises to generate in its JSON output +(when run regularly). .TP -.B PROVIDED_CHECKS -List of checks performed by this provider. Space\-separated names of checks, must match check names in legitimization rules. +.B COST +Optional cost, useful if clients want to voluntarily +trigger authentication procedures for attestation. .UNINDENT +.sp +Additional logic\-specific options may be given in the +section. .SS EXCHANGE KYC OAUTH2 OPTIONS .sp The following options must be in the section \(dq[kyc\-provider\-XXX]\(dq sections with \(dqLOGIC = oauth2\(dq. @@ -447,6 +453,171 @@ The following option must be in the section \(dq[kyclogic\-persona]\(dq. .B WEBHOOK_AUTH_TOKEN Authentication token Persona must supply to our webhook. This is an optional setting. .UNINDENT +.SS EXCHANGE KYC CHECK OPTIONS +.sp +The following options must be in \(dq[kyc\-check\-$CHECK_NAME]\(dq sections. +.INDENT 0.0 +.TP +.B TYPE +Which type of check is this? Also determines +the SPA form to show to the user for this check. +.INDENT 7.0 +.IP \(bu 2 +INFO: wait for staff or contact staff out\-of band +(only information shown, no SPA action) +.IP \(bu 2 +FORM: SPA should show an inline (HTML) form +.IP \(bu 2 +LINK: SPA may start external KYC process or upload +.UNINDENT +.TP +.B VOLUNTARY +Optional. Set to YES to allow this check be +done voluntarily by a client (they may then +still have to pay for it). Used to offer the +SPA to display checks even if they are +not required. Default is NO. +.TP +.B PROVIDER_ID +Provider id, present only if type is LINK. +Refers to a \fBkyc\-provider\-$PROVIDER_ID\fP section. +.TP +.B FORM_NAME +Name of the SPA form, if type is FORM +\(dqINFO\(dq and \(dqLINK\(dq are reserved and must not be used. +The exchange server and the SPA must agree on a list +of supported forms and the resulting attributes. +The SPA should include a JSON resource file +\(dqforms.json\(dq mapping form names to arrays of +attribute names each form provides. +The list of possible FORM names is fixed in the SPA +for a particular exchange release. +.TP +.B DESCRIPTION +Descriptions to use in the SPA to display the check. +.TP +.B DESCRIPTION_I18N +JSON with internationalized descriptions to use +in the SPA to display the check. +.TP +.B REQUIRES +\(aq;\(aq\-separated list of fields that the CONTEXT must +provide as inputs to this check. For example, +for a FORM of type CHOICE, this might state +\fBchoices: string[];\fP\&. The type after the \(dq:\(dq +is for now purely for documentation and is +not checked. However, it may be shown to AML staff +when they configure measures. +.TP +.B OUTPUTS = business_name street city country registration +Description of the outputs provided by the check. +Basically, the check\(aqs output is expected to +provide the following fields as attribute inputs into +a subsequent AML program. +Only given for type FORM; INFO never has any outputs, +and for type LINK we can obtain the same information +from the CONVERTER via \fB\-\-list\-outputs\fP\&. +.TP +.B FALLBACK +Name of an \fBoriginal\fP measure to take if the check fails +(for any reason, e.g. provider or form fail to +satisfy constraints or provider signals user error) +Usually should point to a measure that requests +AML staff to investigate. The fallback measure +context always includes the reasons for the +failure. +.UNINDENT +.SS EXCHANGE KYC RULES +.sp +The following options must be in \(dq[kyc\-rule\-$RULE_NAME]\(dq sections. +.INDENT 0.0 +.TP +.B OPERATION_TYPE = WITHDRAW +Operation that triggers this rule. +Must be one of WITHDRAW, DEPOSIT, P2P\-RECEIVE +or WALLET\-BALANCE. +.TP +.B NEXT_MEASURES +Space\-separated list of next measures to be performed. +The SPA should display \fIall\fP of these measures to the user. +(They have a choice of either which ones, or in +which order they are to be performed.) +A special measure name \(dqverboten\(dq is used if the +specified threshold may never be crossed +(under this set of rules). +.TP +.B IS_AND_COMBINATOR +\(dqYES\(dq if all NEXT_MEASURES will eventually need +to be satisfied, \(dqNO\(dq the user has a choice between +them. Not actually enforced by the exchange, but +primarily used to inform the user whether this is +an \(dqand\(dq or \(dqor\(dq. YES for \(dqand\(dq. +.TP +.B EXPOSED +YES if the rule (specifically, operation type, +threshold, timeframe) and the general nature of +the next measure (verboten or approval required) +should be exposed to the client. +Defaults to NO if not set. +.TP +.B THRESHOLD +Threshold amount above which the rule is +triggered. The total must be exceeded in the given +timeframe. +.TP +.B TIMEFRAME +Timeframe over which the amount to be compared to +the THRESHOLD is calculated (for example, \(dq30 days\(dq). +Ignored for WALLET\-BALANCE. Can be \(aqforever\(aq. +.TP +.B ENABLED = NO +Set to YES to enable the rule (default is NO). +.UNINDENT +.SS EXCHANGE AML PROGRAMS +.sp +The following options must be in \(dq[aml\-program\-$PROG_NAME]\(dq sections. +.INDENT 0.0 +.TP +.B COMMAND +Name of the program to run. Must match a binary +on the local machine where the exchange is running. +.TP +.B DESCRIPTION +Human\-readable description of what this +AML helper program will do. Used to show +to the AML staff. +.TP +.B ENABLED +True if this AML program is enabled (and thus can be +used in measures and exposed to AML staff). +Optional, default is NO. +.TP +.B FALLBACK +Name of an \fBoriginal\fP measure to take if COMMAND fails +Usually points to a measure that asks AML staff +to contact the systems administrator. The fallback measure +context always includes the reasons for the +failure. +.UNINDENT +.SS EXCHANGE KYC MEASURES +.sp +The following options must be in \(dq[kyc\-measure\-$MEASURE_NAME]\(dq sections. These sections define the \fBoriginal\fP measures. +.INDENT 0.0 +.TP +.B CHECK_NAME +Name of a possible check for this measure. Optional. +If not given, PROGRAM should be run immediately +(on an empty set of attributes). +.TP +.B CONTEXT = {\(dqchoices\(dq:[\(dqindividual\(dq,\(dqbusiness\(dq]} +Context for the check. The context can be +just an empty JSON object if there is none. +.TP +.B PROGRAM +Program to run on the context and check data to +determine the outcome and next measure. +Refers to a \fB[aml\-program\-$PROG_NAME]\fP section name. +.UNINDENT .SS EXCHANGE EXTENSIONS OPTIONS .sp The functionality of the exchange can be extended by extensions. Those are @@ -935,6 +1106,6 @@ mail to <\fI\%taler@gnu.org\fP>. .SH AUTHOR GNU Taler contributors .SH COPYRIGHT -2014-2022 Taler Systems SA (GPLv3+ or GFDL 1.3+) +2014-2024 Taler Systems SA (GPLv3+ or GFDL 1.3+) .\" Generated by docutils manpage writer. . |